Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Container registry lists the architecture unknown/unknown when manifest attestations are present #24973

Closed
KN4CK3R opened this issue May 28, 2023 · 4 comments
Closed

Container registry lists the architecture unknown/unknown when manifest attestations are present #24973

KN4CK3R opened this issue May 28, 2023 · 4 comments
Labels
topic/packages type/bug

Comments

@KN4CK3R
Copy link
Member

KN4CK3R commented May 28, 2023
edited
Loading

Related:
https://github.com/orgs/community/discussions/45969
docker/build-push-action#755
https://codeberg.org/forgejo/forgejo/issues/780

I recently noticed that packages that have been pushed to the container registry using docker buildx build now have a new architecture listed, unknown/unknown. After some further investigation, I discovered that what is happening is that the Docker Buildx CLI is including image attestations for these images, which seems harmless, but causes GitHub Packages to list the unknown/unknown arch used for these attestations under the "OS / Arch" tab. This is similar to another topic recently posted, but this is more of a UI bug rather than an issue inspecting or pulling the manifests.

The current behavior means that if you push an image for linux/arm64 and linux/amd64, you'll get three architectures listed, linux/arm64, linux/amd64, and unknown/unknown. The unknown/unknown arch has a hash listed, but that is not shown in the version list anywhere unless you dig deep to find it. This appears to inconsistent with what the Docker Hub shows, which, in this case, would be only two architectures linux/arm64 and linux/amd64.
@the-hotmann
Copy link

Same problem here - this confused me quite a bit.
Can someone please check why exactly this is happening and is this something that is wanted?

@hiifong hiifong mentioned this issue Nov 30, 2024
Closed
@hiifong
Copy link
Member

hiifong commented Nov 30, 2024
edited
Loading

@KN4CK3R @the-hotmann Can you try this command?

docker buildx create --use --name {image}
docker buildx build --platform linux/amd64,linux/arm64 -t {gitea.domain}/{owner}/{image}:latest . --push --provenance false

@the-hotmann
Copy link

Hi @hiifong,

thanks. Adding --provenance false to the docker buildx-command did the trick.
I wonder what the downsides of this are?

@the-hotmann
Copy link

Also deleting single "layers" was a pain in the as*..
Why is there no "delete" button for a whole package and for tags?

Like possible at DockerHub.

@hiifong hiifong mentioned this issue Dec 15, 2024
Merged
lunny pushed a commit that referenced this issue Dec 16, 2024
@hiifong @silverwind
Do not display attestation-manifest and use short sha256 instead of…
276f433 
… full sha256 (#32851)

Related: #24973

Before:

![image](https://github.com/user-attachments/assets/bca17900-5075-4d15-af7a-c71bf8979c04)

After:

![image](https://github.com/user-attachments/assets/c5a24e3b-763b-4463-80db-d4dbd89f7dc4)

Index:
```json
{
  "schemaVersion": 2,
  "mediaType": "application/vnd.oci.image.index.v1+json",
  "manifests": [
    {
      "mediaType": "application/vnd.oci.image.manifest.v1+json",
      "digest": "sha256:5967afffdfde104ca1459286a72346baaef8b70ac153325d7a6cd85c7734ac6e",
      "size": 672,
      "platform": {
        "architecture": "amd64",
        "os": "linux"
      }
    },
    {
      "mediaType": "application/vnd.oci.image.manifest.v1+json",
      "digest": "sha256:f9abfcc55320f9ff1f38eeb7dbb4bea10b29c7febfa49ccd7aab9fa02403b9f0",
      "size": 672,
      "platform": {
        "architecture": "arm64",
        "os": "linux"
      }
    },
    {
      "mediaType": "application/vnd.oci.image.manifest.v1+json",
      "digest": "sha256:d70ad19d00c19e40691045cbddc3e8a5a4454c31cc454d1132b13bcaf35b6d46",
      "size": 566,
      "annotations": {
        "vnd.docker.reference.digest": "sha256:5967afffdfde104ca1459286a72346baaef8b70ac153325d7a6cd85c7734ac6e",
        "vnd.docker.reference.type": "attestation-manifest"
      },
      "platform": {
        "architecture": "unknown",
        "os": "unknown"
      }
    },
    {
      "mediaType": "application/vnd.oci.image.manifest.v1+json",
      "digest": "sha256:73bc233bf4eac96a404ce3e0430b698831a4ea7050c878d5f76d1d1f133751dd",
      "size": 566,
      "annotations": {
        "vnd.docker.reference.digest": "sha256:f9abfcc55320f9ff1f38eeb7dbb4bea10b29c7febfa49ccd7aab9fa02403b9f0",
        "vnd.docker.reference.type": "attestation-manifest"
      },
      "platform": {
        "architecture": "unknown",
        "os": "unknown"
      }
    }
  ]
}
```

---------

Co-authored-by: silverwind <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
topic/packages type/bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@KN4CK3R @wxiaoguang @the-hotmann @hiifong